Some embodiments provide a method for connecting a client of a first network to a service of a second network. The method includes registering the service of the second network. The method then receives, from a client of the first network, a request to communicate with the service, the client not having an address of the service. The method further assigns an IP address to the service and sends the IP address to the client. Additionally, the method sends, to an inter-network hub that connects the first network and the second network, a message in order for the inter-network hub to establish a first tunnel between the inter-network hub and a first gateway associated with the client and a second tunnel between the inter-network hub and a second gateway associated with the service.
Legal claims defining the scope of protection. Each claim is shown in both the original legal language and a plain English translation.
2. The method of claim 1, wherein the message is a first message, wherein the inter-network hub sends the first gateway a second message that configures the first gateway to route traffic received from the client and addressed to the IP address of the service to the inter-network hub for communication to the service.
This invention relates to network communication systems, specifically methods for routing traffic between clients and services across different networks. The problem addressed is efficiently managing traffic flow in distributed network environments where multiple gateways and hubs facilitate communication between clients and services. The system includes an inter-network hub that acts as a central coordinator for routing traffic. A first gateway receives a request from a client to communicate with a service identified by an IP address. The inter-network hub sends a configuration message to the first gateway, instructing it to route traffic from the client to the service through the inter-network hub. This ensures that the hub can manage and optimize the communication path between the client and the service, improving reliability and performance. The inter-network hub may also send additional configuration messages to other gateways in the network, ensuring that traffic is properly routed through the hub for centralized management. This approach allows for dynamic reconfiguration of routing paths based on network conditions, service availability, or client requirements. The system is particularly useful in large-scale networks where direct client-to-service communication may be inefficient or unreliable.
5. The method of claim 1, wherein the first network is an on-premises network and wherein the second network is a virtual private cloud (VPC).
This invention relates to network connectivity solutions for securely linking an on-premises network with a virtual private cloud (VPC). The problem addressed is the need for efficient, secure, and scalable communication between on-premises infrastructure and cloud-based resources, particularly in hybrid cloud environments. Traditional methods often suffer from latency, security vulnerabilities, or complex configuration requirements. The invention provides a method for establishing a secure connection between an on-premises network and a VPC. The method involves configuring network gateways on both the on-premises side and the VPC to facilitate encrypted data transmission. The on-premises network may include local servers, storage systems, or other computing resources, while the VPC hosts cloud-based applications, databases, or services. The connection is established using a secure tunneling protocol, such as IPsec or TLS, to ensure data integrity and confidentiality. The method may also include authentication mechanisms to verify the identity of both networks before establishing the connection. Additionally, traffic routing rules are defined to optimize data flow between the networks, reducing latency and improving performance. The solution may further include monitoring and logging capabilities to track connection status, detect anomalies, and ensure compliance with security policies. This approach enables seamless integration of on-premises and cloud resources while maintaining high levels of security and operational efficiency.
6. The method of claim 1, wherein the first network includes the computing device.
A method for managing network connectivity in a computing environment involves a first network and a second network, where the first network includes a computing device. The computing device is configured to detect a connection to the second network, which may be a different type of network, such as a wireless or wired network, or a network with different security or performance characteristics. Upon detecting the connection, the computing device evaluates the second network's properties, such as bandwidth, latency, or security protocols, to determine whether to transfer data or operations from the first network to the second network. The transfer may involve migrating active processes, redirecting network traffic, or adjusting communication protocols to optimize performance or security. The method ensures seamless integration between the networks, allowing the computing device to leverage the best available network resources while maintaining operational continuity. This approach is particularly useful in environments where multiple networks are available, such as in hybrid cloud or multi-network enterprise systems, where efficient network utilization is critical for performance and reliability.
7. The method of claim 1, wherein the first network includes the first gateway and wherein the second network includes the second gateway.
This invention relates to network communication systems, specifically methods for managing data traffic between two distinct networks. The problem addressed is the need for efficient and secure data transfer between networks that have different protocols, security policies, or operational requirements. The solution involves a method for routing data through gateways that serve as intermediaries between the networks. The method includes establishing a first network with a first gateway and a second network with a second gateway. The first gateway is responsible for receiving data from the first network and preparing it for transmission to the second network. Similarly, the second gateway receives data from the second network and processes it for transmission to the first network. The gateways may perform protocol conversion, encryption, or other transformations to ensure compatibility and security between the networks. The method further includes routing data between the networks via the gateways, ensuring that data flows are managed according to predefined rules. These rules may include filtering, prioritization, or load balancing to optimize performance. The gateways may also monitor traffic to detect anomalies or enforce security policies. The overall system ensures seamless and secure communication between the networks while maintaining their distinct operational characteristics.
9. The non-transitory machine-readable medium of claim 8, wherein the message is a first message, wherein the inter-network hub sends the first gateway a second message that configures the first gateway to route traffic received from the client and addressed to the IP address of the service to the inter-network hub for communication to the service.
This invention relates to network communication systems, specifically methods for routing traffic between clients and services across interconnected networks. The problem addressed is the efficient and secure routing of client requests to services in a multi-network environment, ensuring proper traffic flow through intermediary hubs. The system includes an inter-network hub that facilitates communication between a client and a service. The hub receives a first message from a first gateway, which is part of the network infrastructure. This message includes an IP address of the service, allowing the hub to establish a connection to the service. The hub then sends a second message to the first gateway, configuring it to route traffic from the client to the service through the hub. Specifically, when the gateway receives traffic from the client addressed to the service's IP address, it forwards this traffic to the inter-network hub, which then relays it to the service. This ensures that all communication between the client and the service is properly routed and managed by the hub, improving traffic control and security in the network. The invention enhances network communication by centralizing traffic routing through the inter-network hub, allowing for better management of data flow between clients and services in a distributed network environment.
12. The non-transitory machine-readable medium of claim 8, wherein the first network is an on-premises network and wherein the second network is a virtual private cloud (VPC).
This invention relates to data transfer between an on-premises network and a virtual private cloud (VPC). The problem addressed is securely and efficiently transferring data between these two distinct network environments while maintaining data integrity and security. The solution involves a non-transitory machine-readable medium storing instructions that, when executed, perform a method for transferring data. The method includes receiving a data transfer request from a client device connected to the on-premises network, where the request specifies a destination in the VPC. The system then establishes a secure communication channel between the on-premises network and the VPC, ensuring encrypted data transmission. The data is transferred through this channel, with the system monitoring the transfer for errors or interruptions. If issues arise, the system implements error recovery protocols to ensure data integrity. The method also includes logging the transfer details for auditing and compliance purposes. The invention ensures secure, reliable data transfer between on-premises and cloud environments, addressing challenges like network latency, security vulnerabilities, and data consistency.
13. The non-transitory machine-readable medium of claim 8, wherein the first network includes the computing device.
A system and method for network communication management involves a computing device connected to a first network and a second network. The computing device monitors data traffic between the first network and the second network, detecting anomalies or unauthorized access attempts. When an anomaly is detected, the computing device isolates the first network from the second network to prevent further unauthorized data transfer. The computing device may also analyze network traffic patterns to identify potential security threats and apply predefined security policies to mitigate risks. The system ensures secure communication between networks by dynamically adjusting connectivity based on real-time threat assessments. The computing device acts as an intermediary, enforcing security protocols and maintaining network integrity. This approach enhances network security by proactively responding to detected threats, reducing the risk of data breaches or unauthorized access. The solution is particularly useful in environments where multiple networks interact, requiring robust security measures to protect sensitive data.
14. The non-transitory machine-readable medium of claim 8, wherein the first network includes the first gateway and wherein the second network includes the second gateway.
A system and method for managing network communications involves a non-transitory machine-readable medium storing instructions that, when executed, perform operations to facilitate secure and efficient data transfer between two distinct networks. The first network includes a first gateway, and the second network includes a second gateway. The system enables communication between these networks by processing data packets through the respective gateways, ensuring proper routing and security measures are applied. The instructions may include steps for authenticating data packets, encrypting or decrypting data, and managing network traffic to prevent congestion or unauthorized access. The system may also handle protocol translation between different network protocols used in the first and second networks, ensuring seamless interoperability. The gateways act as intermediaries, enforcing security policies and optimizing data flow between the networks. This approach improves network efficiency, security, and reliability by ensuring that data is properly routed and protected as it moves between the two networks. The system is particularly useful in environments where secure and efficient communication between separate networks is required, such as in enterprise systems, cloud computing, or distributed computing architectures.
16. The system of claim 15, wherein the message is a first message, wherein the inter-network hub sends the first gateway a second message that configures the first gateway to route traffic received from the client and addressed to the IP address of the service to the inter-network hub for communication to the service.
This invention relates to network communication systems, specifically addressing the challenge of efficiently routing traffic between clients and services across different network domains. The system includes an inter-network hub that facilitates communication between a client and a service by managing routing configurations in gateways. The inter-network hub receives a first message from a client, which is then forwarded to a service. The inter-network hub also sends a second message to a gateway, instructing it to route traffic from the client to the inter-network hub when the traffic is addressed to the service's IP address. This ensures that the inter-network hub can properly relay the communication to the service, improving traffic management and reducing latency in multi-domain network environments. The system may also include multiple gateways, each configured to route traffic to the inter-network hub based on similar instructions, allowing for scalable and dynamic network routing. The inter-network hub may further process the traffic, such as encrypting or decrypting data, before forwarding it to the service or client, enhancing security in the communication process. This approach optimizes network performance by centralizing traffic management and ensuring efficient routing across different network segments.
19. The system of claim 15, wherein the first network is an on-premises network and wherein the second network is a virtual private cloud (VPC).
This invention relates to a system for securely connecting an on-premises network to a virtual private cloud (VPC). The system addresses the challenge of integrating on-premises infrastructure with cloud-based resources while maintaining security and performance. The system includes a first network interface for the on-premises network and a second network interface for the VPC. A secure communication channel is established between these interfaces, allowing data to flow between the on-premises network and the VPC while enforcing security policies. The system may include encryption mechanisms to protect data in transit and authentication protocols to verify authorized access. Additionally, the system may monitor traffic between the networks to detect and mitigate potential security threats. The invention ensures seamless and secure interoperability between on-premises and cloud environments, enabling enterprises to leverage cloud resources while maintaining control over their on-premises infrastructure.
20. The system of claim 15, wherein the first network includes the system and the first gateway and the second network includes the second gateway.
A system is described for managing network communications between two distinct networks. The first network includes a system and a first gateway, while the second network includes a second gateway. The system facilitates secure and efficient data exchange between these networks, addressing challenges related to interoperability, security, and performance in heterogeneous network environments. The first gateway acts as an interface for the system within the first network, while the second gateway serves as an interface for the second network. The system ensures that data transmitted between the networks is properly routed, authenticated, and processed, enabling seamless communication while maintaining security and reliability. This approach is particularly useful in scenarios where different networks must interact, such as in enterprise environments, cloud computing, or IoT deployments, where ensuring secure and efficient data flow is critical. The system may include additional components, such as authentication modules, encryption mechanisms, or traffic management tools, to further enhance performance and security. The overall solution provides a robust framework for integrating disparate networks while addressing common challenges in network communication.
December 15, 2020
November 22, 2022